U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2016-9014

Change History

Initial Analysis by NIST 12/14/2016 9:39:10 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
          *cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
          *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
          *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
          *cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:djangoproject:django:1.8:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.1:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.2:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.3:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.4:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.5:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.6:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.7:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.8:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.9:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.10:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.11:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.12:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.13:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.14:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.8.15:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:a:djangoproject:django:1.10:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.10.1:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.10.2:*:*:*:*:*:*:*
Configuration 5
     OR
          *cpe:2.3:a:djangoproject:django:1.9.10:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9.9:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9.8:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9.7:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9.6:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9.5:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9.4:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9.3:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9.2:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9.1:*:*:*:*:*:*:*
          *cpe:2.3:a:djangoproject:django:1.9:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Added CVSS V3

								
							
							
						
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
CWE-264
Changed Reference Type
http://www.securityfocus.com/bid/94068 No Types Assigned
http://www.securityfocus.com/bid/94068 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.securitytracker.com/id/1037159 No Types Assigned
http://www.securitytracker.com/id/1037159 Third Party Advisory, VDB Entry
Changed Reference Type
http://www.ubuntu.com/usn/USN-3115-1 No Types Assigned
http://www.ubuntu.com/usn/USN-3115-1 Third Party Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OG5ROMUPS6C7BXELD3TAUUH7OBYV56WQ/ Third Party Advisory
Changed Reference Type
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/ No Types Assigned
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXDKJYHN74BWY3P7AR2UZDVJREQMRE6S/ Third Party Advisory
Changed Reference Type
https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ No Types Assigned
https://www.djangoproject.com/weblog/2016/nov/01/security-releases/ Release Notes, Vendor Advisory